ltcai 4.1.0 → 4.3.0

package/README.md

@@ -203,34 +203,31 @@ npm run dev
 
 ## Latest Release
 
-### v4.1.0 RC — Frontend & Desktop Rebuild
-
-- **React desktop SPA** — `/app` is now a React + TypeScript + Vite application
-  with TanStack Query, Zustand, React Flow, Cytoscape.js, Tailwind CSS, and
-  local shadcn-style primitives.
-- **Generated API client** — frontend JSON calls consume the existing FastAPI
-  contract through a generated OpenAPI TypeScript client; streaming chat and
-  multipart upload remain honest fetch special cases.
-- **Tauri-first desktop shell** — Tauri 2.0 is the primary desktop target,
-  launching the local backend by default; Electron is retained as a fallback
-  shell only.
-- **Graph-first navigation** — the primary surfaces are Brain, Ask, Capture,
-  Act, Library, and System, with old `/app#...` routes mapped into the new
-  capability groups.
-- **No CDN / offline-capable** — shipped app assets are built into
-  `static/app`, service-worker precached, and verified to avoid CDN
-  dependencies.
-- **v4.0.1 capability preservation** — Brain Core, storage, agent/workflow
-  runtime, privacy model, local-first operation, and backend API contracts are
-  preserved.
-
-See [RELEASE_NOTES_v4.1.0.md](RELEASE_NOTES_v4.1.0.md),
+### v4.3.0 RC — Portability & Product Hardening
+
+- **Portable `.latticebrain` archives** — encrypted archives now include the
+  brain DB, blobs, workspace state, settings, signed bundles, storage metadata,
+  provenance, and public device identity metadata.
+- **Safe backup/restore flows** — archive inspect, verify, import, restore, and
+  restore dry-run are real API-backed operations; destructive restore requires
+  explicit admin confirmation.
+- **Migration safety** — live SQLite-to-Postgres migration creates and verifies
+  a pre-migration backup before copying data.
+- **Desktop hardening** — Tauri sidecar startup, status, restart, shutdown, and
+  loopback-only/default-off guards are hardened.
+- **Privacy audit surface** — token presence alone no longer enables Telegram or
+  external connectors; admin status reports storage, backup health, device
+  identity, permissions, and opt-in integration state.
+- **Release hardening** — exact-version validation covers wheel, sdist, npm tgz,
+  VSIX, and Tauri DMG artifacts.
+
+See [RELEASE_NOTES_v4.3.0.md](RELEASE_NOTES_v4.3.0.md),
 [docs/kg-schema.md](docs/kg-schema.md),
 [FEATURE_STATUS.md](FEATURE_STATUS.md).
 
 ## How it works — every source converges into the graph
 
-As of v4.1.0, data sources flow through the brain ingestion pipeline into
+As of v4.3.0, data sources flow through the brain ingestion pipeline into
 the Knowledge Graph — no source bypasses it, none becomes an isolated silo:
 
 ```text
@@ -246,7 +243,8 @@ source (file · folder · PDF · web URL · browser tab · text)
 - **The graph is the asset.** Memory, search, and agents are views over it; models
   read it. Swap a model and your knowledge is unchanged.
 - **Portable, no cloud.** Export/import the graph as JSON, or take a full local
-  binary backup (DB + blobs) and restore it.
+  binary backup (DB + blobs), encrypted `.latticebrain` archive, or explicit
+  SQLite-to-Postgres migration plan and restore it.
 - **Local-first protects the graph.** It lives in local SQLite on your machine.
 
 For the deeper design, see [ARCHITECTURE.md](ARCHITECTURE.md) and
@@ -264,6 +262,13 @@ For the deeper design, see [ARCHITECTURE.md](ARCHITECTURE.md) and
 
 - [ARCHITECTURE.md](ARCHITECTURE.md) — workspace, graph, pipeline, and model overview
 - [docs/architecture.md](docs/architecture.md) — full architecture reference
+- [docs/V4_3_PORTABILITY_ARCHITECTURE.md](docs/V4_3_PORTABILITY_ARCHITECTURE.md) — v4.3.0 portable brain archive architecture
+- [docs/V4_3_PRODUCT_HARDENING_REPORT.md](docs/V4_3_PRODUCT_HARDENING_REPORT.md) — v4.3.0 desktop/product hardening report
+- [docs/V4_3_PRIVACY_AUDIT.md](docs/V4_3_PRIVACY_AUDIT.md) — v4.3.0 privacy and local-first audit
+- [docs/V4_3_VALIDATION_REPORT.md](docs/V4_3_VALIDATION_REPORT.md) — v4.3.0 validation report
+- [docs/V4_2_BRAIN_CORE_ARCHITECTURE.md](docs/V4_2_BRAIN_CORE_ARCHITECTURE.md) — v4.2.0 Brain Core package and storage architecture
+- [docs/V4_2_STORAGE_MIGRATION_REPORT.md](docs/V4_2_STORAGE_MIGRATION_REPORT.md) — v4.2.0 storage migration and archive report
+- [docs/V4_2_VALIDATION_REPORT.md](docs/V4_2_VALIDATION_REPORT.md) — v4.2.0 validation report
 - [docs/V4_1_FRONTEND_ARCHITECTURE_REVIEW.md](docs/V4_1_FRONTEND_ARCHITECTURE_REVIEW.md) — v4.1.0 frontend and desktop architecture review
 - [docs/V4_1_FRONTEND_MIGRATION_REPORT.md](docs/V4_1_FRONTEND_MIGRATION_REPORT.md) — v4.1.0 capability migration report
 - [docs/V4_1_VALIDATION_REPORT.md](docs/V4_1_VALIDATION_REPORT.md) — v4.1.0 validation report
@@ -285,6 +290,8 @@ For the deeper design, see [ARCHITECTURE.md](ARCHITECTURE.md) and
 ### Releases
 
 - [RELEASE_NOTES.md](RELEASE_NOTES.md) — current release notes
+- [RELEASE_NOTES_v4.3.0.md](RELEASE_NOTES_v4.3.0.md)
+- [RELEASE_NOTES_v4.2.0.md](RELEASE_NOTES_v4.2.0.md)
 - [RELEASE_NOTES_v4.1.0.md](RELEASE_NOTES_v4.1.0.md)
 - [RELEASE_NOTES_v4.0.1.md](RELEASE_NOTES_v4.0.1.md)
 - [RELEASE_NOTES_v4.0.0.md](RELEASE_NOTES_v4.0.0.md)
@@ -298,6 +305,8 @@ For the deeper design, see [ARCHITECTURE.md](ARCHITECTURE.md) and
 
 | Version | Theme |
 | --- | --- |
+| **4.3.0** | Portability & Product Hardening RC — portable `.latticebrain` archives, confirmed restore/import, pre-migration backup verification, Tauri sidecar hardening, local-only/default-off integration guards, exact-version DMG validation |
+| **4.2.0** | Brain Core & Storage Rebuild — independent `lattice_brain` package, pluggable storage layer, sqlite-vec/pgvector capability reporting, explicit Postgres migration, consent-gated Docker setup, encrypted `.latticebrain` archives |
 | **4.1.0** | Frontend & Desktop Rebuild RC — React/Vite/OpenAPI desktop SPA, Tauri 2.0 primary shell, graph-first navigation, and legacy static frontend removal |
 | **4.0.1** | Digital Brain Platform maintenance — closes post-tag v4 gaps with durable async runs, stable identity/workspace state, full `/app` parity, and legacy UI retirement |
 | **4.0.0** | Digital Brain Platform — decomposed brain store, v2 write-mastered Knowledge Graph, durable memory/context, real workflow/agent foundations, signed brain exchange |

package/docs/CHANGELOG.md

@@ -1,5 +1,89 @@
 # Changelog
 
+## [4.3.0] - 2026-06-12
+
+> Portability & Product Hardening release candidate. v4.3.0 preserves the
+> v4.2 Brain Core/storage architecture and adds user-safe portable archives,
+> backup/restore hardening, desktop lifecycle status, and local-only privacy
+> guards.
+
+### Added
+
+- `.latticebrain` archive format v2 with encrypted graph DB, blobs, portable
+  JSON state, signed bundles, storage metadata, provenance, public device
+  identity metadata, manifest hashes, inspect, verify, import, restore, and
+  restore dry-run.
+- FastAPI routes for archive inspect/verify/import, backup health, and admin
+  product-hardening status.
+- Product-hardening status for local-only startup, storage mode, backup health,
+  device identity, import/export permissions, external integration opt-in state,
+  and fail-closed archive behavior.
+- Tauri sidecar `backend_status`, `restart_backend`, and `shutdown_backend`
+  commands.
+- Release cleaner and exact-version DMG validation.
+
+### Changed
+
+- Telegram is disabled by default; token presence alone no longer enables any
+  external integration.
+- SQLite-to-Postgres live migration creates and verifies a pre-migration backup
+  before copying data.
+- System settings exposes `.latticebrain` export/inspect/verify/dry-run
+  restore/confirmed restore through real APIs.
+- OpenAPI client regenerated with 318 paths.
+- Synchronized package/runtime versions to `4.3.0`, including Tauri config and
+  `lattice_brain.__version__`.
+
+### Expected Artifacts
+
+- `dist/ltcai-4.3.0-py3-none-any.whl`
+- `dist/ltcai-4.3.0.tar.gz`
+- `dist/ltcai-4.3.0.vsix`
+- `ltcai-4.3.0.tgz`
+- `src-tauri/target/release/bundle/dmg/Lattice AI_4.3.0_aarch64.dmg`
+
+## [4.2.0] - 2026-06-12
+
+> Brain Core & Storage Rebuild release. The backend Digital Brain boundary is
+> available through the independent `lattice_brain` package, while the v4.1.0
+> frontend, FastAPI contracts, and SQLite user data remain compatible.
+
+### Added
+
+- `lattice_brain` import package with `BrainCore`, Knowledge Graph,
+  conversation, memory/context, identity/network, archive, and storage facades.
+- Pluggable storage layer: `StorageEngine`, `SQLiteEngine`, `PostgresEngine`,
+  `DockerPostgresWizard`, and `SQLiteToPostgresMigrator`.
+- sqlite-vec capability detection with honest `bruteforce-cosine` local vector
+  search fallback.
+- Opt-in Postgres/pgvector scale setup and non-destructive SQLite-to-Postgres
+  migration planning/copy tooling.
+- Live Docker-backed pgvector migration validation, including rowid-less FTS5
+  shadow tables, row-count integrity, idempotent reruns, and fail-closed
+  Postgres behavior.
+- Encrypted `.latticebrain` archive create/restore support for the SQLite brain
+  database and blob directory.
+- FastAPI routes for storage status, consent-gated Docker setup,
+  SQLite-to-Postgres migration, and encrypted archive create/restore.
+
+### Changed
+
+- FastAPI constructs the graph/conversation runtime through
+  `lattice_brain.BrainCore`; root and `latticeai.brain.*` imports remain
+  compatibility shims.
+- OpenAPI client regenerated with 313 paths.
+- System settings exposes API-backed storage status, Docker setup consent, and
+  migration planning controls.
+- Synchronized package/runtime versions to `4.2.0`, including Tauri config and
+  `lattice_brain.__version__`.
+
+### Expected Artifacts
+
+- `dist/ltcai-4.2.0-py3-none-any.whl`
+- `dist/ltcai-4.2.0.tar.gz`
+- `dist/ltcai-4.2.0.vsix`
+- `ltcai-4.2.0.tgz`
+
 ## [4.1.0] - 2026-06-12
 
 > Frontend & Desktop Rebuild release candidate. The existing FastAPI backend,

package/docs/V4_2_BRAIN_CORE_ARCHITECTURE.md

@@ -0,0 +1,97 @@
+# Lattice AI v4.2.0 — Brain Core Architecture
+
+Status: released validation complete
+
+v4.2.0 extracts the Digital Brain backend boundary into the importable
+`lattice_brain` package while preserving the existing FastAPI contracts and the
+v4.1.0 user data layout. FastAPI, CLI, tests, and future tools can now import
+Brain Core directly instead of reaching through root compatibility modules.
+
+## Package Boundary
+
+- `lattice_brain` is the independent Brain Core package namespace.
+- `latticeai.brain` remains as a compatibility namespace for existing callers.
+- Root modules such as `knowledge_graph.py` and `kg_schema.py` remain
+  compatibility shims.
+- FastAPI now constructs the graph and durable conversation store through
+  `lattice_brain.BrainCore`.
+
+## Brain Core Surfaces
+
+The package exposes the implemented v4 brain modules:
+
+- Knowledge system: `KnowledgeGraphStore`
+- Memory system: `BrainMemory`
+- Context assembler: `ContextAssembler`
+- Durable conversations: `ConversationStore`
+- Device identity and signed exchange helpers
+- Brain Network compatibility exports
+- Encrypted `.latticebrain` archives
+- Storage abstraction and migration tools
+
+The frontend still talks only to FastAPI localhost APIs. No frontend code calls
+Python directly.
+
+## Storage Layer
+
+`lattice_brain.storage` introduces:
+
+- `StorageEngine` ABC
+- `SQLiteEngine` default engine
+- `PostgresEngine` opt-in engine with pgvector extension setup
+- `DockerPostgresWizard` explicit-consent local Docker setup
+- `SQLiteToPostgresMigrator` idempotent migration planner/runner, including
+  rowid-less FTS5 shadow table support through declared primary keys
+
+SQLite remains the default. Postgres is never required. If
+`LATTICEAI_STORAGE_ENGINE=postgres` is selected without a DSN or optional
+dependency support, startup fails honestly instead of silently falling back to
+SQLite.
+
+## Vector Search
+
+SQLite vector search remains real and local:
+
+- Existing vector rows stay in `vector_embeddings`.
+- The active fallback is deterministic local hash embeddings with brute-force
+  cosine scoring.
+- `sqlite-vec` is detected and loaded when available.
+- Capability reports distinguish `sqlite-vec` from `bruteforce-cosine`; the
+  fallback is reported honestly and is still a real search path.
+
+Postgres scale mode initializes a pgvector-backed `brain_vectors` table when
+the `vector` extension is available.
+
+## Archive Model
+
+v4.2.0 adds encrypted `.latticebrain` archives:
+
+- AES-256-GCM payload encryption
+- PBKDF2-HMAC-SHA256 key derivation
+- Encrypted SQLite database and blob payload
+- Restore replaces the target DB/WAL/SHM safely and restores blobs
+- Wrong passphrase or tampered data fails closed
+
+The existing JSON export/import and ZIP backup/restore paths remain compatible.
+
+## FastAPI APIs
+
+New localhost APIs:
+
+- `GET /api/brain/storage`
+- `POST /api/brain/storage/postgres/docker`
+- `POST /api/brain/storage/migrate-postgres`
+- `POST /api/knowledge-graph/archive`
+- `POST /api/knowledge-graph/archive/restore`
+
+All mutating operations require admin authorization. Docker starts only when the
+request explicitly carries consent.
+
+## Compatibility
+
+- Existing v4.1.0 SQLite data remains in `knowledge_graph.sqlite`.
+- Existing `knowledge_graph.py`, `kg_schema.py`, and `latticeai.brain.*`
+  imports continue to work.
+- Existing FastAPI routes remain available.
+- Existing release artifacts still build.
+- No data-loss migration is performed automatically.

package/docs/V4_2_STORAGE_MIGRATION_REPORT.md

@@ -0,0 +1,91 @@
+# Lattice AI v4.2.0 — Storage Migration Report
+
+Status: released validation complete
+
+v4.2.0 adds a pluggable storage layer without changing the default local-first
+runtime. Existing users continue on SQLite. Postgres is an explicit opt-in
+scale target, not a required dependency and not an automatic fallback.
+
+## Existing Data
+
+- Existing v4.1.0 data remains in `~/.ltcai/knowledge_graph.sqlite`.
+- Blob payloads remain in `~/.ltcai/knowledge_graph_blobs/`.
+- Durable conversations continue to share the same SQLite DB family.
+- No startup migration rewrites user data for v4.2.0.
+
+## SQLite Engine
+
+`SQLiteEngine` owns SQLite connection setup:
+
+- WAL mode
+- foreign keys enabled
+- local path creation
+- backup and restore helpers
+- sqlite-vec loading attempt when installed
+- honest capability report when sqlite-vec is unavailable
+
+The current graph store continues to use SQLite-specific SQL and is therefore
+wired only to `SQLiteEngine` for the active FastAPI runtime.
+
+## Postgres Engine
+
+`PostgresEngine` is opt-in and fail-closed:
+
+- Requires `LATTICEAI_POSTGRES_DSN` when explicitly selected.
+- Requires optional `psycopg` support.
+- Creates `lattice_brain` schema by default.
+- Runs `CREATE EXTENSION IF NOT EXISTS vector`.
+- Creates a pgvector-backed `brain_vectors` table.
+
+If Postgres is selected but unavailable, Lattice AI reports the error. It does
+not hide the failure by falling back to SQLite.
+
+## Docker Setup
+
+`DockerPostgresWizard` writes a local Docker Compose file for
+`pgvector/pgvector:pg16`. It never runs Docker unless the caller explicitly
+passes consent.
+
+API behavior:
+
+- `consent=false`: writes the compose file and returns `consent_required`.
+- `dry_run=true`: returns the exact Docker command without starting anything.
+- `consent=true` and `dry_run=false`: runs `docker compose up -d postgres`.
+
+## SQLite to Postgres Migration
+
+`SQLiteToPostgresMigrator` plans and copies all user tables from a SQLite brain
+database into Postgres:
+
+- Introspects non-internal SQLite tables.
+- Preserves every row.
+- Uses table `id` as the idempotence key when present.
+- Uses declared primary keys, including composite keys on rowid-less FTS5 shadow
+  tables.
+- Uses preserved `__source_rowid` when no declared key exists and SQLite rowid
+  is available.
+- Upserts rows on repeated runs.
+- Leaves the source SQLite database untouched.
+
+The API defaults to dry-run migration planning. Actual copy requires an
+explicit DSN and `dry_run=false`.
+
+Live v4.2.0 validation used explicit Docker consent to start
+`pgvector/pgvector:pg16`, copy a seeded v4 SQLite brain database into
+Postgres, verify source and destination row counts, rerun the migration
+idempotently, query pgvector distance ordering, and tear down the test Compose
+stack with volumes.
+
+## Encrypted Archives
+
+`.latticebrain` archive support was added for local encrypted backup/restore:
+
+- Database and blobs are zipped locally.
+- Payload is encrypted with AES-256-GCM.
+- Keys derive from the user passphrase via PBKDF2-HMAC-SHA256.
+- Restore rejects bad passphrases or tampered payloads.
+
+## Compatibility Result
+
+No v4.1.0 capability is removed. SQLite remains the default and does not depend
+on Docker, Postgres, pgvector, or network access.

package/docs/V4_2_VALIDATION_REPORT.md

@@ -0,0 +1,89 @@
+# Lattice AI v4.2.0 — Validation Report
+
+Date: 2026-06-12
+Commit under validation: v4.2.0 release commit on `main` after `v4.1.0`
+
+## Result
+
+v4.2.0 validation passed for the implemented Brain Core package, storage
+abstraction, SQLite default runtime, encrypted archives, generated OpenAPI
+client, frontend/system controls, Docker-backed Postgres/pgvector migration,
+desktop check, and release artifacts.
+
+## Commands
+
+| Check | Command | Result |
+| --- | --- | --- |
+| OpenAPI generation | `npm run frontend:openapi` | PASS — 313 paths |
+| Python compile | `npm run check:python` | PASS — 235 modules |
+| Ruff | `node scripts/run_python.mjs -m ruff check .` | PASS |
+| Unit tests | `npm run test:unit -- --tb=short` | PASS — 593 passed, 2 warnings |
+| Live Postgres migration | `LTCAI_LIVE_POSTGRES_DOCKER_CONSENT=1 node scripts/run_python.mjs -m pytest tests/integration/test_v42_postgres_migration_live.py -v --tb=short` | PASS |
+| Live integration | `LTCAI_TEST_BASE_URL=http://127.0.0.1:8899 npm run test:integration -- --tb=short` | PASS — 9 passed, 1 skipped |
+| Frontend lint | `npm run lint` | PASS |
+| TypeScript + VS Code extension build | `npm run typecheck` | PASS |
+| Vite app build | `npm run build:assets` | PASS |
+| Playwright visual/offline suite | `npx playwright test tests/visual/v3.spec.js` | PASS — 12 passed |
+| Tauri desktop check | `npm run desktop:tauri:check` | PASS |
+| Release artifacts | `npm run release:artifacts` | PASS |
+| Artifact validation | `npm run release:validate` | PASS |
+| Wheel smoke | `node scripts/run_python.mjs scripts/wheel_smoke.py --wheel dist/ltcai-4.2.0-py3-none-any.whl` | PASS |
+| npm dry-run | `npm pack --dry-run` | PASS |
+
+## Storage-Specific Coverage
+
+- `test_v42_brain_storage.py` validates:
+  - `lattice_brain` package exports a working Knowledge Graph store.
+  - `BrainCore` constructs SQLite graph and durable conversation stores.
+  - default storage is SQLite.
+  - explicit Postgres without DSN fails honestly.
+  - SQLite-to-Postgres migration planning preserves all user tables and
+    idempotence keys, including rowid-less FTS5 shadow tables with primary
+    keys.
+  - Docker setup does not start without explicit consent.
+  - encrypted `.latticebrain` archives round-trip DB + blobs.
+  - portability service exposes storage status, dry-run migration, and archives.
+- `test_v42_postgres_migration_live.py` validates the explicit-consent Docker
+  path with `pgvector/pgvector:pg16`:
+  - live pgvector Postgres starts through `DockerPostgresWizard`.
+  - v4 SQLite brain data copies without source mutation.
+  - table row counts match after migration.
+  - rerunning migration is idempotent.
+  - pgvector extension and vector distance ordering work.
+  - explicit Postgres runtime paths fail closed instead of falling back to
+    SQLite.
+  - the test Compose stack is torn down with volumes after validation.
+- Existing vector tests continue to validate real local vector search.
+- Existing portability tests continue to validate JSON export/import and ZIP
+  backup/restore.
+
+## Generated Artifacts
+
+- `dist/ltcai-4.2.0-py3-none-any.whl`
+- `dist/ltcai-4.2.0.tar.gz`
+- `dist/ltcai-4.2.0.vsix`
+- `ltcai-4.2.0.tgz`
+
+## Warnings
+
+- Vite reports the main app chunk is larger than 500 kB; build succeeds.
+- Tauri/Rust reports transitive `block v0.1.6` future-incompatibility warning;
+  cargo check succeeds.
+- Release validation warns that older artifacts remain in `dist/`; exact
+  v4.2.0 artifact validation passes and publish docs require exact filenames.
+- Wheel smoke in a clean venv reports MLX unavailable; expected when optional
+  local MLX runtime is not installed. `/health` still reports version `4.2.0`.
+
+## Docker/Postgres Validation
+
+Owner granted explicit Docker consent for the v4.2.0 Postgres/pgvector
+migration test. Docker was used only for this validation path. The live test
+started a local `pgvector/pgvector:pg16` Postgres service, migrated a seeded v4
+SQLite brain database, verified row counts, idempotence, pgvector distance
+search, fail-closed Postgres behavior, and then removed the test Compose stack
+and volumes. SQLite remains the default and fully validated runtime.
+
+## External Registries
+
+No PyPI, npm Registry, VS Code Marketplace, Open VSX, or other external
+registry publish command was run.

package/docs/V4_3_PORTABILITY_ARCHITECTURE.md

@@ -0,0 +1,69 @@
+# Lattice AI v4.3.0 Portability Architecture
+
+## Scope
+
+v4.3.0 hardens the v4.2 Brain Core/storage architecture without redesigning it.
+The primary portable brain format is the encrypted `.latticebrain` archive.
+FastAPI remains the only boundary consumed by the frontend and desktop shell.
+
+## `.latticebrain` Archive Format
+
+The archive is a JSON envelope with:
+
+- `format = latticebrain.encrypted`
+- `format_version = 2`
+- PBKDF2-HMAC-SHA256 key derivation metadata
+- AES-256-GCM cipher metadata
+- encrypted ZIP payload
+- payload SHA-256
+- non-secret manifest summary for inspection
+
+The encrypted payload contains:
+
+- `knowledge_graph.sqlite`
+- `blobs/` from the Knowledge Graph blob store
+- portable JSON state under `data/`
+- signed graph export bundles under `workspace_exports/`
+- `manifest.json` with entry hashes, section flags, storage metadata,
+  public device identity metadata, provenance, and version.
+
+Private key material such as `device_identity.key` is deliberately excluded.
+
+## Operations
+
+- Export: `POST /api/knowledge-graph/archive`
+- Inspect: `POST /api/knowledge-graph/archive/inspect`
+- Verify: `POST /api/knowledge-graph/archive/verify`
+- Import: `POST /api/knowledge-graph/archive/import`
+- Restore: `POST /api/knowledge-graph/archive/restore`
+- Backup health: `GET /api/knowledge-graph/backup-health`
+
+Restore/import fail closed unless the request is a dry run or includes
+`confirm: true`.
+
+## Compatibility
+
+- v1 `.latticebrain` payloads that contain only DB/blob data remain restorable.
+- SQLite remains the default source and target.
+- Postgres scale-mode brains export through safe logical/archive semantics; the
+  migration tooling still requires explicit DSN and does not silently fall back.
+- Existing Knowledge Graph JSON exports and ZIP backups remain supported.
+
+## Integrity Policy
+
+Archives fail closed on:
+
+- bad passphrase
+- corrupt envelope
+- corrupt ZIP payload
+- payload SHA mismatch
+- missing brain database
+- manifest hash mismatch
+- unsupported future archive version
+- unsafe ZIP member paths
+
+## User Safety
+
+Destructive restore operations require admin permission and explicit
+confirmation. Dry-run restore returns the target paths and payload sections
+without mutating user data.

package/docs/V4_3_PRIVACY_AUDIT.md

@@ -0,0 +1,60 @@
+# Lattice AI v4.3.0 Privacy And Local-First Audit
+
+## Default Startup
+
+Default local startup is loopback-only and local-first:
+
+- host: `127.0.0.1`
+- Telegram disabled
+- model autoload disabled in local mode
+- network CORS disabled
+- storage engine: SQLite
+- embedding provider: local hash fallback
+- Docker not auto-started
+- Postgres not required
+- updater checks disabled unless explicitly enabled
+
+## Token Presence Policy
+
+Credentials alone do not enable outbound communication. The product-hardening
+status distinguishes `credential_present` from `enabled`.
+
+Audited integrations:
+
+- Telegram: requires `LATTICEAI_ENABLE_TELEGRAM=true`
+- Brain Network: peer push is explicit user/admin action; no automatic sync
+- Update checks: require `LATTICEAI_ENABLE_UPDATES=true`
+- Model downloads: require explicit load/autoload/user action
+- Docker setup: requires runtime consent
+- Postgres: requires explicit storage engine and DSN
+- External connectors: credentials are inert until connector enablement and
+  invocation
+
+## Tests
+
+Unit coverage proves:
+
+- default config is local-only
+- Telegram is disabled by default
+- Telegram token presence alone does not enable Telegram
+- cloud/API-token presence alone does not enable external connectors
+- product hardening status reports opt-in egress honestly
+
+## Desktop Guardrails
+
+Tauri sidecar startup sets local-only environment overrides for the packaged
+backend. Desktop status commands expose missing backend/runtime failures as
+honest unavailable states.
+
+## CLI Guardrails
+
+The CLI startup notification path now requires `LATTICEAI_ENABLE_TELEGRAM=true`;
+Telegram bot token and chat ID presence alone no longer starts a notification
+thread.
+
+## Remaining Owner-Only Privacy Decisions
+
+- Package registry publication remains owner-only.
+- Production model downloads remain explicit user action or policy opt-in.
+- History rewrite for old binary assets remains owner-only because it requires a
+  force push.

package/docs/V4_3_PRODUCT_HARDENING_REPORT.md

@@ -0,0 +1,53 @@
+# Lattice AI v4.3.0 Product Hardening Report
+
+## Summary
+
+v4.3.0 turns the v4.2 Brain Core/storage release into a safer desktop product
+without changing the Brain Core, storage, frontend, agent, or workflow
+architecture.
+
+## Desktop Shell
+
+- Tauri sidecar startup now records command, PID, origin, running state, and
+  last error.
+- Tauri exposes `backend_status`, `restart_backend`, and `shutdown_backend`
+  commands.
+- Sidecar startup forces loopback host, disables Telegram, disables autoloaded
+  models, disables network CORS, and disables tunnels.
+- Missing Python or backend command failures are stored as actionable desktop
+  status instead of being hidden.
+
+## Backup And Restore
+
+- `.latticebrain` archive export/inspect/verify/import/restore is API-backed.
+- Backup health is exposed through FastAPI and the System settings view.
+- Restore dry-run verifies the archive and returns planned targets without
+  mutation.
+- Restore/import requires explicit confirmation for destructive execution.
+- SQLite-to-Postgres live migration now creates and verifies a pre-migration
+  SQLite backup before copying data.
+
+## Admin Status
+
+`GET /admin/product-hardening` reports:
+
+- local-only startup posture
+- storage mode
+- backup health
+- public device identity metadata
+- external integration opt-in state
+- admin import/export/restore permissions
+- fail-closed behavior for archive and restore errors
+
+## Release Packaging
+
+- Release artifact validation now checks the exact Tauri DMG path.
+- Release artifact build script cleans only target-version outputs before
+  rebuilding.
+- Historical artifacts remain visible so `dist/*` upload mistakes are still
+  detectable.
+
+## Registry Policy
+
+v4.3.0 RC work builds and validates artifacts only. It does not publish to PyPI,
+npm Registry, VS Code Marketplace, Open VSX, or any other external registry.